1
1
Fork 0
mirror of https://github.com/pbatard/rufus.git synced 2024-08-14 23:57:05 +00:00
Commit graph

146 commits

Author SHA1 Message Date
Pete Batard
2607dfabc1
[loc] fix truncation of notification messages 2019-05-15 13:42:33 +01:00
Pete Batard
2a1c57c750
[ui] disable button and add a countdown when launching update
* Also disable Launch button while we do so
* Also add new <Ctrl>-<Alt>-<Y> cheat mode
* Also terminate update thread before exiting if running
* Also set version to rufus-next
2019-04-01 16:38:27 +01:00
Pete Batard
4271e42b50
[fido] download an LZMA compressed version of the script
* Since we have compression available through Bled we might as well use it
* Also validate that the download URL comes from https://github.com/pbatard/Fido
* Also prevent the check for update from running while we are downloading ISOs
2019-03-23 13:59:20 +00:00
Pete Batard
82bb497c1b
[fido] add a log notice to explain why ISO downloads are disabled
* Also fix an issue where Rufus doesn't report an error if 'fmifs.dll' can't be found (#1284)
* Also improve GitHub issue template to mention that Ctrl-L can also be used to access the log
2019-03-19 12:04:29 +00:00
Pete Batard
924c6b1a79
[loc] fix alert hook handling when switching language
* Because the localized title/button text lookup was only executed once
  on startup, it wouldn't apply to the new language on relaunch. Fix that.
2019-03-13 17:01:26 +00:00
Pete Batard
0c368b4e69
[loc] finalize translations for 3.5
* Also update for latest Fido and simplify SetLGP
2019-03-12 19:53:25 +00:00
Pete Batard
65f886141b
[fido] improve UI handling
* Center dialog on open
* Close dialog on main application exit
* Display ISO short name & size on status bar during download
* Display ISO download progress on taskbar
* Also fix improper detection of EAGET Mass Storage USB Device as HDD
2019-03-07 16:29:43 +00:00
Pete Batard
db68bcd7f9
[fido] use Rufus existing alert handler to close Fido's cookie prompts
* Addresses pbatard/Fido#1 while being much more effective than an all-script solution
2019-03-05 12:41:10 +00:00
Pete Batard
8823c0cf9c
[net] always download latest release of Fido
* Also clean up/factorize some of the net code
2019-03-04 19:14:54 +00:00
Pete Batard
e073fb47b0
[net] add Windows retail ISO downloads
* This is accomplished through Fido (https://github.com/pbatard/Fido), a *SIGNED*
  PowerShell script, that is downloaded from GitHub and that resides in memory for
  the duration of a session.
* The reason we use a downloaded PS script, rather than an embedded on, is because:
  - Microsoft have regularly been changing the deal with regards to how retail ISOs
    can be downloaded, and not for the better, so we can't simply embed a static
    means of downloading ISOs and expect that to work forever.
  - By using an external script, we can immediately respond to whatever new means of
    *ANNOYING* their legitimate users Microsoft will come up with next, as well as
    make sure that, the minute a new retail version of Windows becomes available, it
    also becomes available for download in Rufus.
* Note that if you are concerned about downloading a remote PS script that is being
  run at the same level as an elevated application, you should understand that:
  - Only scripts downloaded from GitHub, from an account that is protected with 2FA,
    are allowed to run (i.e. someone would first have to steal a *physical* 2FA key
    to be in a position to upload a malicious script).
  - On top of this, only scripts that are signed with a separate private key (RSA +
    AES-256), that is itself also protected with a strong unique password which only
    a single person knows (and must manually enter each time they want to make a new
    version of the script available for download), are allowed to run.
  The above means that there's about as much chance for someone to manage to upload
  a malicious script on the GitHub servers, that Rufus would allow to run, as there
  is for someone to upload a malicious version of Rufus itself.
  Still, if you are paranoid and have concerns that, even as you can validate from
  its source that Rufus does not attempt to execute any remote script unless a user
  actively selected and clicked the DOWNLOAD button, you can also completely disable
  the remote script download feature, if you just set the update check to disabled
  (which, by the way, Rufus *EXPLICITLY* asks you to choose whether you want to
  enable or not, the very first time you run the application).
* Also remove _unlinkU() which duplicates what DeleteFileU() already does.
2019-03-02 23:34:32 +00:00
Pete Batard
078aaf7714
[net] disable BETA version check for anything but x86_32 2019-02-05 17:49:27 +00:00
Pete Batard
7b2edbfd6f
[process] also report the PID of conflicting processes
* Also update copyright year
2019-01-02 12:24:34 +00:00
Pete Batard
f94d2f479f
[core] fix abort if we can't display the "drive in use" message
* Also display the current MUI on startup and set version to rufus-next
2018-12-14 18:19:33 +00:00
Pete Batard
7745edbb92
[misc] use COBJMACROS for COM calls 2018-11-27 11:59:19 +00:00
Pete Batard
04a5793ee7
[misc] use compilation flag to undefine NDEBUG for assert 2018-11-21 17:45:18 +00:00
Pete Batard
15806de646
[ui] display a notice about Secure Boot when UEFI:NTFS is applied 2018-11-20 12:33:12 +00:00
Pete Batard
846857a549 [ui] use Downloads as initial image directory rather than My Documents
* With thanks to win32diskimager for figuring that one out
2018-10-06 14:21:13 +02:00
Pete Batard
619dd9862b [misc] use GetWindowLongPtr/SetWindowLongPtr everywhere
* Also remove WS_EX_RIGHT style from IDC_PERSISTENCE_SIZE since we apply it manually
2018-08-20 09:46:23 +01:00
Pete Batard
c832814af0 [ui] small fixes for RTL languages 2018-08-18 17:38:23 +01:00
Pete Batard
05f8400451 [misc] reorganize UI function calls into their own source
* Also fix ARM/ARM64 broken compilation due to missing __popcnt()
2018-07-06 05:46:36 +01:00
Pete Batard
7c142fadbc [net] improve handling of invalid signatures
* Also make bPromptOnError an actual parameter to the download function calls
* Also prefer the use of assert() to custom assertion messages
2018-06-30 22:45:15 +01:00
Pete Batard
fdfc9ff82d [pki] add RSA-2048 signature validation for all server downloads
* Closes #1172
* Also fix a MinGW warning in badblocks.c
2018-06-29 18:19:05 +01:00
Pete Batard
8238de67e1 [ui] fix more potential notification message truncation
* Some Thai UTF-8 notification messages went over the buffer size limit we used for vsnprintf()
* Also, revert part of 645184f11e and use LRE+PDF marks instead:
  Don't handle in the code what is better handled in the loc file.
2018-06-08 16:29:41 +01:00
Pete Batard
d6e6f46029 [ui] fix notification dialog messages being truncated
* We now auto resize the height of the Notification dialog according to the
  number of lines of the message.
* Also harmonize local RECT variable names according to what we do elsewhere.
2018-06-08 13:02:39 +01:00
Pete Batard
c3aaa0c252 [loc] fix various RTL localization issues
With thanks to Itiel

* Fix a potential buffer overflow in lmprintf for RTL languages
* Automatically apply RLE/PDF to all RTL messages, and remove the RLE/PDFs from the .loc
* Fix Windows messing up of multiline RTL tooltips (The trick is, if you want actually
  want RTL, you need to *disable* RTL... Sure, Microsoft, that makes a lot of sense?!?)
* Also properly scale the length of the multiline tooltips according to the zoom factor
* Closes #1132
2018-05-18 00:55:35 +01:00
Pete Batard
9815a18009 [ui] fix tabbing order for the new UI design
* Accessibility *IS* a thankless job...
2018-05-11 17:35:48 +01:00
Pete Batard
db6a5bb749 [loc] fix tooltip justification for RTL languages
* Left alignment was used instead of right
* Also improve device tooltip display
2018-05-10 12:07:21 +01:00
Pete Batard
070e28aa5a [ui] fix display of icons for RTL languages
* Ensure that the 'Save', 'Hash' and 'World' icons are not mirrored for RTL
* Also call DestroyIcon() where required and clean up code
2018-05-10 10:51:31 +01:00
Pete Batard
cdacc6f342 [ui] fix whole screen refresh and progress bar issues
* Whole screen was being refreshed when calling InvalidateRect() in ResizeMoveCtrl()
* Progress bar bounding rectangle could be erased at 0.0%
* No progress was displayed when writing ISOHybrid images in DD mode
* Also fix an issue when write error would not display the error string
2018-05-08 20:28:23 +01:00
Pete Batard
a44518355f [ui] UI redesign
* Better guide the user through the flow of operations
* Also follow a concept design by Fahad Al-Riyami
* Closes #117
2018-03-22 23:14:21 +00:00
Pete Batard
903ac993f2 [misc] remove no longer needed XP workarounds 2017-11-13 14:30:25 +00:00
Pete Batard
c3c39f7f8a [pki] fix https://www.kb.cert.org/vuls/id/403768
* This commit effectively fixes https://www.kb.cert.org/vuls/id/403768 (CVE-2017-13083) as
  it is described per its revision 11, which is the latest revision at the time of this commit,
  by disabling Windows prompts, enacted during signature validation, that allow the user to
  bypass the intended signature verification checks.
* It needs to be pointed out that the vulnerability ("allow(ing) the use of a self-signed
  certificate"), which relies on the end-user actively ignoring a Windows prompt that tells
  them that the update failed the signature validation whilst also advising against running it,
  is being fully addressed, even as the update protocol remains HTTP.
* It also need to be pointed out that the extended delay (48 hours) between the time the
  vulnerability was reported and the moment it is fixed in our codebase has to do with
  the fact that the reporter chose to deviate from standard security practices by not
  disclosing the details of the vulnerability with us, be it publicly or privately,
  before creating the cert.org report. The only advance notification we received was a
  generic note about the use of HTTP vs HTTPS, which, as have established, is not
  immediately relevant to addressing the reported vulnerability.
* Closes #1009
* Note: The other vulnerability scenario described towards the end of #1009, which
  doesn't have to do with the "lack of CA checking", will be addressed separately.
2017-08-31 12:19:11 +01:00
Pete Batard
90dc847e24 [misc] add static_strcat & static_strcpy and use static_ calls wherever possible
* Also set Rufus next to 2.17 and fix a warning
2017-08-10 19:43:52 +01:00
Pete Batard
7ef65b551a [misc] yay, more XP fixes...
* Since I half expect 2.16 to be the last version of Rufus to support Windows XP
2017-07-24 16:29:09 +01:00
Pete Batard
b4a2c06a2e [ui] ask user if they want proceed when conflicting processes are found
* Rufus now checks for processes with handles opened on the drives/volumes before
  starting the format operation and asks the user if they want to continue.
* This mimics Windows' behaviour when formatting drives, and actually uses the
  same message as the one from shell32.dll.mui.
* Closes #773
2017-07-16 22:42:19 +01:00
Pete Batard
a528bb3d83 [ui] report process(es) that are preventing access on error
* Also revert loc file changes that were introduced in f53b22a077
2017-07-11 17:50:38 +01:00
Pete Batard
92d046e663 [ui] produce a sound and flash taskbar icon on success/error
* Closes #973
2017-07-04 14:51:25 +01:00
Pete Batard
150be52479 [iso] notify if the file size on disk is smaller than expected ISO size
* Closes #963
* Also fix a potential issue with Notification()
2017-06-24 17:23:06 +01:00
Pete Batard
9950f5c088 [misc] enable DEP (Data Execution Prevention) on MinGW
* Also fix minor warnings
2017-05-01 23:55:58 +01:00
Pete Batard
d5f6ddb653 [core] list potentially blocking processes on disk access error
* Using functionality from Process Hacker:
  https://github.com/processhacker2/processhacker2/
* Part of the #773 enhancement
* Also fix minor MinGW and WDK warnings
2017-04-27 23:06:42 +01:00
Pete Batard
be1bdb7c85 [misc] miscellaneous cleanup
* Also add CreateWindowExU() method
* Also add the 'DisableFileIndexing' to the ini template
2017-04-04 17:26:45 +01:00
Pete Batard
edcfd43ed5 [misc] fix multiple VS Code Analysis warnings 2017-03-10 19:07:48 +01:00
Pete Batard
f7b839c596 [ui] fix restore when a dialogbox is displayed while the main window is minimized
* Closes #896
2017-02-06 12:08:11 +00:00
Pete Batard
db234442e3 [ui] improve selection dialog when there exist more than 6 options
* Closes #891
2017-01-18 13:48:44 +00:00
Pete Batard
5b544c6a4a [misc] update copyright year 2017-01-01 15:30:03 +00:00
Pete Batard
7d302d340f [togo] enable selection of Windows version
* Closes #847
* Also set rufus-next to 2.12
2016-12-13 14:26:27 +00:00
Pete Batard
4891500f40 [loc] fix license display for RTL languages 2016-12-05 10:52:37 +00:00
Pete Batard
cc758f58a0 [ui] fix UI font for XP users
* DIE, XP, DIE!!!!
* Closes #820
2016-08-29 18:17:43 +01:00
Pete Batard
9dd06e93bc [ui] improve Windows format prompt autoclose
* Closes #794
* Also reorder some messages (so that RUFUS_TEST comes first)
* Also update issue template
2016-07-09 16:20:58 +01:00
Pete Batard
b9da0cf057 [ui] fix missing partition scheme tooltip after selecting an ISO
* Tooltips can only be manipulated from the same thread as the one that created their parent
* Also increase the SetLGP() timeout as this seems to be problematic
* Closes #764
2016-05-30 17:32:49 +01:00